Middle East organizations should devote more time and effort to gathering and using cybercrime intelligence, as it will give a good return on investment and assist in the establishment and review of IT security strategies and the creation of eCrime investigative measures.
The most important and obvious question surrounding this point is, “How do you get that type of specialized intelligence?” The answer is that companies and organizations should ensure that they have a full 360-degree view of their data, which includes data in motion, static data and volatile data.
To fully achieve this, organizations should consider implementing a network capture and monitoring capability. This functionality, particularly during a network attack, would identify and provide essential information contained within the network data packets. This can assist the forensic analyst in determining whether the data traffic is routine, or alternatively in identifying an attacker who is sending malformed packets to crash important systems or to gain unauthorized and privileged access. Permanent capturing of all network traffic is not normally necessary; however, being able to quickly employ such a capability can help to speed the analysis during an attack...